Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

c9966d3b55...in.exe

windows7-x64

7

c9966d3b55...in.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/07/2023, 12:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c9966d3b55a424cc510cd22af8015679.bin.exe

  • Size

    1.8MB

  • MD5

    c9966d3b55a424cc510cd22af8015679

  • SHA1

    40e70cecc5563bdada2a1bc067dd146fd488c75a

  • SHA256

    7a73fa7ca8f7caf895aafab3d6d082259fd89601bd78c085b45754d35b034e33

  • SHA512

    724a25c4e95713e9e72c7a318358a0831e334db51eb826cf610e2ce75844fee9ddabea9d1489ec520f4ed0fa6e58e3436044496aaa60163b35448503a2c8b261

  • SSDEEP

    49152:SkQTAAdQDOTC0wakdJ+J5DGfwNMiKw6id2l9gqumWD2/+H:SaAdQckdJ+JBGfwSip659IDD

Score
7/10

Malware Config

Signatures

  • .NET Reactor proctector 33 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c9966d3b55a424cc510cd22af8015679.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\c9966d3b55a424cc510cd22af8015679.bin.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2980

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2980-133-0x0000000074C10000-0x00000000753C0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/2980-134-0x0000000005210000-0x0000000005220000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2980-135-0x0000000005210000-0x0000000005220000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2980-136-0x0000000005770000-0x0000000005D14000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2980-137-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-138-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-140-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-142-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-144-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-146-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-148-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-150-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-152-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-154-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-156-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-158-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-160-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-162-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-164-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-166-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-168-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-170-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-172-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-174-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-176-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-178-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-180-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-182-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-184-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-186-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-188-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-190-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-192-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-194-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-196-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-198-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-200-0x0000000005220000-0x00000000054BD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2980-349-0x0000000074C10000-0x00000000753C0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/2980-497-0x0000000005210000-0x0000000005220000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2980-580-0x0000000005210000-0x0000000005220000-memory.dmp

    Filesize

    64KB

    Download